25GitHub introduces staged publishing and new install-time controls for NPMNice…maybe will help some of the recent attacksIf maintainers actually use itThis is the biggest question I also had after reading the blog post. Given the recent chain of attacks, wouldn't it make sense to enforce staged publish by default or at least gradually move over to it?
Nice…maybe will help some of the recent attacksIf maintainers actually use itThis is the biggest question I also had after reading the blog post. Given the recent chain of attacks, wouldn't it make sense to enforce staged publish by default or at least gradually move over to it?
If maintainers actually use itThis is the biggest question I also had after reading the blog post. Given the recent chain of attacks, wouldn't it make sense to enforce staged publish by default or at least gradually move over to it?
This is the biggest question I also had after reading the blog post. Given the recent chain of attacks, wouldn't it make sense to enforce staged publish by default or at least gradually move over to it?
Nice…maybe will help some of the recent attacks
If maintainers actually use it
This is the biggest question I also had after reading the blog post. Given the recent chain of attacks, wouldn't it make sense to enforce staged publish by default or at least gradually move over to it?